多項選擇題Which three techniques should be used to secure management protocols?()

A.Configure SNMP with only read-only community strings.
B.Encrypt TFTP and syslog traffic in an IPSec tunnel.
C.Implement RFC 3704 filtering at the perimeter router when allowing syslog access from devices on the outside of a firewall.
D.Synchronize the NTP master clock with an Internet atomic clock.
E.Use SNMP version 2.
F.Use TFTP version 3 or above because these versions support a cryptographic authentication mechanism between peers.


您可能感興趣的試卷

你可能感興趣的試題

1.多項選擇題If an edge Label Switch Router (LSR) is properly configured,which three combinations are possible?()

A.A received IP packet is forwarded based on the IP destination address and the packet is sent as an IP packet.
B.An IP destination exists in the IP forwarding table. A received labeled packet is dropped because the label is not found in the LFIB table.
C.There is an MPLS label-switched path toward the destination. A received IP packet is dropped because the destination is not found in the IP forwarding table.
D.A received IP packet is forwarded based on the IP destination address and the packet is sent as a labeled packet.
E.A received labeled IP packet is forwarded based upon both the label and the IP address.
F.A received labeled packet is forwarded based on the label. After the label is swapped,the newly labeled packet is sent.

2.單項選擇題What are the four steps, in their correct order, to mitigate a worm attack?()

A.contain,inoculate,quarantine,and treat
B.inoculate,contain,quarantine,and treat
C.quarantine,contain,inoculate,and treat
D.preparation,identification,traceback,and postmortem
E.preparation,classification,reaction,and treat
F.identification,inoculation,postmortem,and reaction

3.多項選擇題Which two network attack statements are true?()

A.Access attacks can consist of password attacks,trust exploitation,port redirection,and man-in-the-middle attacks.
B.Access attacks can consist of UDP and TCP SYN flooding,ICMP echo-request floods,and ICMP directed broadcasts.
C.DoS attacks can be reduced through the use of access control configuration,encryption,and RFC 2827 filtering.
D.DoS attacks can consist of IP spoofing and DDoS attacks.
E.IP spoofing can be reduced through the use of policy-based routing.
F.IP spoofing exploits known vulnerabilities in authentication services, FTP services,and web services to gain entry to web accounts,confidential databases,and other sensitive information.

4.單項選擇題

Refer to the exhibit. What statement is true about the interface S1/0 on router R1?()

A.Labeled packets can be sent over an interface.
B.MPLS Layer 2 negotiations have occurred.
C.IP label switching has been disabled on this interface.
D.None of the MPLS protocols have been configured on the interface.

5.多項選擇題Which two statements describe the functions and operations of IDS and IPS systems?()

A.A network administrator entering a wrong password would generate a true-negative alarm.
B.A false positive alarm is generated when an IDS/IPS signature is correctly identified.
C.An IDS is significantly more advanced over IPS because of its ability to prevent network attacks.
D.Cisco IDS works inline and stops attacks before they enter the network.
E.Cisco IPS taps the network traffic and responds after an attack.
F.Profile-based intrusion detection is also known as "anomaly detection".

最新試題

Which form of DSL technology is typically used as a replacement for T1 lines?()

題型:單項選擇題

What are three configurable parameters when editing signatures in Security Device Manager (SDM)?()

題型:多項選擇題

Which statement is true about a worm attack?()

題型:單項選擇題

Which statement describes the Authentication Proxy feature?()

題型:單項選擇題

Refer to the exhibit.Which three statements describe the steps that are required to configure an IPsec site-to-site VPN using a GRE tunnel?()

題型:多項選擇題

Which statement about an IPS is true?()

題型:單項選擇題

Refer to the exhibit. MPLS has been configured on all routers in the domain. In order for R2 and R3 to forward frames between them with label headers, what additional configuration will be required on devices that are attached to the LAN segment?()

題型:單項選擇題

Which two mechanisms can be used to detect IPsec GRE tunnel failures?()

題型:多項選擇題

Refer to the exhibit. What type of security solution will be provided for the inside network?()

題型:單項選擇題

Which two statements about the Cisco AutoSecure feature are true?()

題型:多項選擇題